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DETAILED ACTION 

1 . This office action is in response to Applicant's response filed on 06/30/2006. 

2. Claims 1,3-11,1 3-1 6, 1 8-23, 25-29, 31-34, and 36-40 are pending. 

3. The rejection to claims 1,3-11, 13-16, 18-23, 25-29, 31-34, and 36-40 under 35 
U.S.C. 103 (a) as being unpatentable over Gasser et al. (U.S. Pat. No. 5,224,163) and 
Chang et al. (U.S. pat. No. 6,157,953) in view of Bowman-Amuah (U.S. Pat. No. 
6,601,192) as set forth in the office action mailed on 03/31/2006 is maintained. 

Claim Rejections - 35 USC § 103 
4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 1, 3-7, 10, 11, 16, 18-23, 25-29, 34 and 36-40 are rejected under 35 
U.S.C. 103 (a) as being unpatentable over Gasser et al. (U.S. Pat. No. 5,224,163) and 
Chang et al. (U.S. pat. No. 6,157,953) in view of Bowman-Amuah (U.S. Pat. No. 
6,601,192).. 

As per claims 1, 3-7, 10, 11, 16, 20-23, 25-29, 34, and 38-40 Gasser substantially 
discloses a method/system for delegating authorization from one entity in a distributed 
computing system to another for a computing session, wherein a session public/private 



Application/Control Number: 09/998,549 Page 3 

Art Unit: 3621 

encryption key pair is utilized for each computing session (which is readable as 
Applicant's claimed invention wherein it is stated that receiving from a delegator), 
comprising: 

receiving, from a delegator, a designation of a role and a delegate to assume the role 
(see., abstract, col 3, lines 7-48); 

receiving, from a credential service provider, an indication that the designation is valid 
(see., abstract, col 3, lines 26-48, specifically wherein it is stated that if the user's name 
if found on the list next to the requested access, access will be granted, col 6, lines 33- 
66); and 

generating a delegation credential in response to receiving the indication (see., col 3, 
lines 7-48, specifically wherein it is stated that if the user's name if found on the list next 
to the requested access, access will be granted). The limitation wherein said send a 
message to the delegator indicating that the delegation credential has been assigned is 
also disclosed by Gasser in the abstract, col 3, lines 7-48, specifically wherein it is 
stated that delegating authorization from one entity in a distributed computing system. A 
private key (or encoded delegation) enables each entity to identify itself to other entities 
and to encode certain message. When a user requests access to a system resource, 
the user's name is compared to the resource's access control list. If the user's name if 
found on the list next to the requested access, access will be granted (granted or 
credential has been assigned. 

It is to be noted that Gasser fails to explicitly disclose the limitation wherein said sending 
the delegation credential to a verification service that compares the selected delegation 
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credential to permissible delegation credentials. However, Chang discloses a 
method/apparatus of securing access to a service manager for the administration of 
services residing on multiple service host computers from an administration server 
computer. The service host computers for verification at the service hosts by examining 
data relating to user privileges (credentials verification) stored in the user profile data 
repository (see., abstract, col 3, lines 48-67, col 12, lines 1-43, col 13, lines 3-40). It 
would have been obvious to a person of ordinary skill in the art at the time the invention 
was made to modify the teaching of Gasser by including the limitation detailed above as 
taught by Chang because this would control access and authentication of a user or 
delegator. 

Gasser and Chang fail to explicitly disclose Applicant's newly added limitation wherein 
said generating a report via the verification service regarding usage of the delegation 
credential. Bowman-Amuah discloses a report architecture within environment services 
supports the generation and delivery of reports (see., abstract, col 1-col 78). Therefore, 
it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to modify the teaching of Gasser and Chang by including the 
limitation detailed above as taught by Bowman-Amuah because this would deliver 
service and control access of a user or delegator. 

As per claims 18, and 36, Gasser discloses the claimed method of storing the 
delegation credential in a database maintained by a delegation service provider (see., 
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col 3, lines 7-15, specifically wherein it is stated that public key are stored with the 
entities names in a global naming service). 

As per claims 19, and 37, Gasser discloses the claimed method wherein identifying 
comprises checking a hash of the confirmation code to identify the delegator (see., col 

5. lines 10-67, specifically wherein it is stated that RSA cryptography or has function). 

RESPONSE TO ARGUMENTS 

6. Applicant's arguments filed on 06/30/2006 have been fully considered but they 
are not persuasive. 

REMARKS 

7. In response to Applicant's arguments, Applicant argues that the prior art of 
record Gasser and Chang fail to disclose the recited feature: 

a. Applicant argues that Bowman-Amuah neither describes nor would have made 
obvious "generating a report via the verification service regarding usage of the 
delegation credential". However, the Examiner respectfully disagrees with this assertion 
since the newly found prior art Bowman-Amuah discloses a report architecture within 
environment services supports the generation and delivery of reports (see., abstract, col 
1-col 78). Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to modify the teaching of Gasser and Chang by 
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including the limitation detailed above as taught by Bowman-Amuah because this would 
deliver service and control access of a user or delegator. 

Applicant further argues that if the Examiner persists in his rejection, he is respectfully 
requested to cite a reference showing the feature of receiving a confirmation code from 
a delegate. As indicated above, the cited reference Gasser discloses this limitation in 
col 5, lines 10-67, specifically wherein said RSA cryptography or has function. Applicant 
should note that the RSA cryptographic or hash function is readable as a hash of the 
confirmation code to identify the delegator. 

Allowable Subject Matter 

8. Claims 8, 9, 13-15 and 31-33 are objected to as being dependent upon a 
rejected base claim, but would be allowable if rewritten in independent form including all 
of the limitations of the base claim and any intervening claims. 

Conclusion 

9. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Pierre E. Elisca whose telephone number is 571 272 
6706. The examiner can normally be reached on 6:30 to 5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Andrew Fischer can be reached on 571 272 6779. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




Pierre Eddy Elisca 
Primary Patent Examiner 
September 07, 2006 



